Decrypting the config.xml
The script below builds on various other scripts found on the web that decrypt WebLogic encrypted strings. It uses a SAX parser to scan config.xml and decrypts the content of every XML tag whose name contains the word "encrypted". All the code below is free to use and modify as you wish.
Downloads:
WLSDecryptor.py
runwlst.sh
Script Runner: runwlst.sh
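#!/bin/bash
# Runs WLSDecryptor.py under WLST for one WebLogic domain.
#
# Usage: runwlst.sh <abs path to domain> [path to cfg file]
#
# WLSDecryptor.py prints the decrypted values in cleartext on stdout, so keep
# the output on the terminal rather than in a shared or persistent log.

# Captured before setDomainEnv.sh is sourced; presumably the sourced script
# may change the working directory, and WLSDecryptor.py sits next to this one.
WORKDIR=$PWD
export JAVA_HOME=/usr/java/latest

if [ "$#" -lt 1 ]
then
    # The domain directory is mandatory; only the cfg file is optional.
    echo "runwlst.sh <abs path to domain> [path to cfg file]" >&2
    exit 1
fi

export DOMAIN_DIR="$1"

# Drop any CFGFILE inherited from the calling shell so a stale value cannot
# silently redirect the run to a different file.
unset CFGFILE
if [ "$#" -ge 2 ]
then
    export CFGFILE="$2"
fi

# Sourcing executes the domain's script with this user's privileges, so fail
# early with a clear message if the path is not a usable domain directory.
if [ ! -f "$DOMAIN_DIR/bin/setDomainEnv.sh" ]
then
    echo "runwlst.sh: $DOMAIN_DIR/bin/setDomainEnv.sh not found" >&2
    exit 1
fi
. "$DOMAIN_DIR/bin/setDomainEnv.sh"

echo "Starting wlst script"
# Quoted so that paths containing spaces survive word splitting.
"${JAVA_HOME}/bin/java" weblogic.WLST "$WORKDIR/WLSDecryptor.py"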
Run this as:
./runwlst.sh <abs path to domain> [path to cfg file]
For example:
./runwlst.sh /WLSDomains/dom1
or, to decrypt the JDBC connection XML:
./runwlst.sh /WLSDomains/dom1 /WLSDomains/dom1/config/jdbc/dbpool.xml
Here dbpool.xml is the cfg file containing the JDBC connection information.
Script: WLSDecryptor.py
from weblogic.security.internal import *
from weblogic.security.internal.encryption import *
import os
import sys
from xml import sax
from xml.sax import xmlreader, saxutils
from xml.sax.handler import ContentHandler
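class wlsCfgParser(ContentHandler):
    """SAX handler that decrypts every element whose tag name contains 'encrypted'.

    The handler walks one WebLogic XML file (config.xml of the domain by
    default) and, for each matching element, prints the tag name, the
    encrypted text and the decrypted text.

    The decrypted values are printed in cleartext; treat the output of a run
    like the credentials themselves.
    """
    encStr = ""
    # True only between the start and end of an element being decrypted.
    _inEncrypted = False

    def __init__(self, domainDir, cfgfile):
        """Prepare the parser and the decrypter for one domain.

        domainDir -- path of the WebLogic domain directory.
        cfgfile   -- XML file to scan, or None for <domainDir>/config/config.xml.

        Raises ValueError if the domain directory is missing and IOError if
        the XML file is missing, instead of failing later inside parse().
        """
        ContentHandler.__init__(self)
        # Explicit check instead of assert: asserts vanish under -O and give
        # no hint about what was wrong.
        if domainDir is None or not os.path.exists(domainDir):
            raise ValueError("domain directory not found: %s" % (domainDir,))
        if cfgfile is None:
            self.cfgfile = os.path.join(domainDir, "config", "config.xml")
        else:
            self.cfgfile = cfgfile
        if not os.path.exists(self.cfgfile):
            raise IOError("config file not found: %s" % (self.cfgfile,))
        print("Decrypting : %s" % (self.cfgfile,))
        self.Parser = sax.make_parser()
        self.Parser.setContentHandler(self)
        self.decrypter = WeblogicDecrypter(domainDir)

    def parse(self):
        """Parse the configured XML file, decrypting matching elements."""
        # NOTE(review): the parser runs with its default feature set. If the
        # XML file can come from an untrusted source, confirm that external
        # entity resolution is disabled in this Jython/JAXP setup first.
        cfg = open(self.cfgfile, "r")
        try:
            self.Parser.parse(cfg)
        finally:
            # Release the handle even when the parser raises.
            cfg.close()

    def startElement(self, name, attrs):
        """Start collecting text when an 'encrypted' element opens."""
        if name.lower().find("encrypted") >= 0:
            self.encStr = ""
            self._inEncrypted = True

    def endElement(self, name):
        """Decrypt and print the collected text when the element closes."""
        if name.lower().find("encrypted") >= 0:
            self._inEncrypted = False
            # Surrounding whitespace or newlines are layout, not ciphertext.
            self.encStr = self.encStr.strip()
            decryptStr = self.decrypter.decrypt(self.encStr)
            # print results:
            print("Tag Name:  %s" % (name,))
            print("Enc Str :  %s" % (self.encStr,))
            print("Dec Str :  %s" % (decryptStr,))

    def characters(self, data):
        """Accumulate character data of the element being decrypted.

        SAX delivers the text with XML entities already resolved, so it is
        appended as-is; escaping it again would alter the value handed to
        the decrypter. Text outside matching elements is ignored.
        """
        if self._inEncrypted:
            self.encStr += data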
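class WeblogicDecrypter:
    """Decrypt WebLogic-encrypted strings with the domain's encryption service.

    The service is obtained from the domain directory alone (via
    SerializedSystemIni.getEncryptionService), so, as far as this script
    shows, read access to that directory is enough to recover every
    encrypted value in the domain's configuration files. Filesystem
    permissions on the domain directory are therefore the real protection.

    The most recent cleartext result stays in ``self.decrypted`` until the
    next call to decrypt().
    """
    decrypted = None
    ces = None

    def __init__(self, domainDir, encryptedStr=None):
        """Build the encryption service; optionally decrypt one string.

        domainDir    -- domain directory, absolute or relative.
        encryptedStr -- if given, decrypted immediately into self.decrypted.
        """
        # get absolute path in case relative is passed
        domainDirFullPath = os.path.abspath(domainDir)
        self.ces = ClearOrEncryptedService(
            SerializedSystemIni.getEncryptionService(domainDirFullPath))
        if encryptedStr is not None:
            self.decrypt(encryptedStr)

    def decrypt(self, encryptedStr):
        """Return the decrypted form of encryptedStr and remember it."""
        self.decrypted = self.ces.decrypt(encryptedStr)
        return self.decrypted

    def __str__(self):
        """Return the last decrypted value, or '' if nothing was decrypted.

        __str__ must return a string; returning the initial None would raise
        TypeError whenever the object is printed before any decrypt() call.
        """
        if self.decrypted is None:
            return ""
        return self.decrypted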
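# wlst jython does not understand : if __name__ == '__main__':
# Inputs come from the environment variables exported by runwlst.sh.
domainDir = os.getenv("DOMAIN_DIR")
# An empty CFGFILE is treated like an unset one so the default config.xml
# of the domain is used.
cfgfile = os.getenv("CFGFILE") or None
if domainDir is None:
    # Without this check the failure surfaces later as an unrelated error.
    print("DOMAIN_DIR is not set; start this script through runwlst.sh")
    sys.exit(1)
print("Domain Dir: " + str(domainDir))
if cfgfile is not None:
    print("File to decr : " + str(cfgfile))

# From here on the output contains cleartext secrets of the domain.
wcp = wlsCfgParser(domainDir, cfgfile)
wcp.parse()

yesno = raw_input("Do you want to decrypt a custom encrypted string? [y/n]")
if yesno.strip().lower() != "y":
    sys.exit()

# Interactive loop: decrypt strings typed by the operator until "q".
wd40 = WeblogicDecrypter(domainDir)
encStr = raw_input("Enter encrypted Str [Q to quit]: ")
while encStr.strip().lower() != "q":
    # Pasted values often carry stray whitespace, which is not ciphertext.
    print(wd40.decrypt(encStr.strip()))
    encStr = raw_input("Enter encrypted Str [Q to quit]: ")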
Notes:
This script decrypts each encrypted string it finds. At the end it also asks whether you want to decrypt a custom encrypted string, for values that were not in config.xml or in whichever XML file was passed.